コード例 #1
0
ファイル: test_class.py プロジェクト: yairmol/stix-shifter 
    def test_results_response_empty_list(self, mock_results_response,
                                         mock_api_client):
        mock_api_client.return_value = None

        dir_path = os.path.dirname(os.path.realpath(__file__))
        file_path = os.path.join(dir_path, 'api_response',
                                 'empty_result_by_sid.json')
        mocked_return_value = open(file_path, 'r').read()

        mock_results_response.return_value = SplunkMockResponse(
            200, mocked_return_value)

        config = {"auth": {"username": "", "password": ""}}
        connection = {"host": "host", "port": 8080}

        search_id = "1536832140.4293"
        offset = 0
        length = 1
        entry_point = EntryPoint(connection, config)
        results_response = entry_point.create_results_connection(
            search_id, offset, length)

        assert 'success' in results_response
        assert results_response['success'] is True
        assert 'data' in results_response
        assert len(results_response['data']) == 0
コード例 #2
0
ファイル: test_class.py プロジェクト: xinjing123/stix-shifter 
    def test_query_flow(self, mock_results_response, mock_status_response, mock_query_response, mock_api_client):
        mock_api_client.return_value = None
        
        config = {
            "auth": {
                "username": "",
                "password": ""
            }
        }      
        connection = {
            "host": "host",
            "port": "8080"
        }

        query_mock = '{"sid":"1536832140.4293"}'
        mock_query_response.return_value = SplunkMockResponse(201, query_mock)
        
        dir_path = os.path.dirname(os.path.realpath(__file__))
        file_path = os.path.join(dir_path, 'api_response', 'result_by_sid.json')
        results_mock = open(file_path, 'r').read()
        mock_results_response.return_value = SplunkMockResponse(200, results_mock)
        
        status_file_path = os.path.join(dir_path, 'api_response', 'status_by_sid.json')
        status_mock = open(status_file_path, 'r').read()
        mock_status_response.return_value = SplunkMockResponse(200, status_mock)

        query = 'search eventtype=network_traffic | fields + tag| spath'
        entry_point = EntryPoint(connection, config)
        query_response = entry_point.create_query_connection(query)

        assert query_response is not None
        assert query_response['success'] is True
        assert 'search_id' in query_response
        assert query_response['search_id'] == "1536832140.4293"

        search_id = "1536832140.4293"
        status_response = entry_point.create_status_connection(search_id)

        assert status_response is not None
        assert 'status' in status_response
        assert status_response['status'] == 'COMPLETED'
        assert 'progress' in status_response
        assert status_response['progress'] == 100
        assert 'success' in status_response
        assert status_response['success'] is True

        search_id = "1536832140.4293"
        offset = 0
        length = 1
        results_response = entry_point.create_results_connection(search_id, offset, length)

        assert 'success' in results_response
        assert results_response['success'] is True
        assert 'data' in results_response
        assert len(results_response['data']) > 0